My Encryption Research Project

I’ve recently become very interested in the practical aspects of encryption, especially of drives and data.
With notebook computers full of data disappearing every day, or so it seems, the practical need for encryption all but speaks for itself.
However, encryption remains an overly complex and opaque topic.
I want to find out whether there is any consensus yet on what tools and practices make sense. Is there anything like a “standard” approach? Are there tools and practices that we might or should standardize on? What are the “best” tools? For me, this means: what are the most usable tools?
What are the common pitfalls? Are there free or Open Source approaches? Is there a “gold standard” approach?
How can I keep this as simple as possible and still have reasonable protection?
You get the idea.
I’m interested in pointers to good resources, solid, real world practical advice, and stories about what people are doing successfully today.
What are law firm CIOs doing as they address these issues?
If you want to leave a public comment, then, by all means, feel free to leave a comment on this blog. However, I’d prefer that you email me directly (denniskennedyblog @ gmail . com).
Yes, I’ll probably write an article when I finish my research.
I look forward to hearing from you about what seems to be working these days.
[Originally posted on DennisKennedy.Blog (http://www.denniskennedy.com/blog/)]

Comments

  1. says

    Check out Steve Gibson and Leo Laporte’s Security Now Podcast #41. They discuss a wonderful product called TrueCrypt. I have been meaning to download it myself but I want to finish the manual first.

  2. says

    Hi, Dennis. You may want to give BitLocker a look, if you haven’t already.
    A little background: in Windows Vista, Microsoft is providing an encryption technology called BitLocker. This is a full-volume encryption based upon the AES standard; it will encrypt not only documents, but anything on the boot drive, including page files, temp files, etc. It can work with the Trusted Computing module on modern computers, and key management can be provided in Active Directory, which would allow administrators to unencrypt a drive if needed.
    It should be much more secure than the Encrypting File System built into Windows 2000 and XP, which stores the keys in an insecure way and does not protect data that lives outside the specified folder (such as pagefile or temp file data).
    Unfortunately, though, it’s only available on two SKUs of Vista: the Enterprise version (available only to firms with a Software Assurance agreement) and the Ultimate edition (which is a high-end home version).
    For more about BitLocker, check this link:
    http://www.microsoft.com/whdc/system/platform/hwsecurity/BitLockerFAQ.mspx

  3. Brian K says

    I second the suggestion of trying TrueCrypt as a way of encrypting drives or portions of drives. Simple, fast, easy, stable.
    For quick and easy encryption of a single file, look at AxCrypt. Couldn’t be easier.
    Both are freeware.